Diffstat (limited to 'www-ssl/admin')
-rwxr-xr-xwww-ssl/admin/EngelType.php6
-rwxr-xr-xwww-ssl/admin/aktiv.php14
-rwxr-xr-xwww-ssl/admin/debug.php2
-rwxr-xr-xwww-ssl/admin/dect.php2
-rwxr-xr-xwww-ssl/admin/faq.php26
-rwxr-xr-xwww-ssl/admin/free.php2
-rwxr-xr-xwww-ssl/admin/news.php10
-rwxr-xr-xwww-ssl/admin/room.php2
-rwxr-xr-xwww-ssl/admin/schichtplan.php24
-rwxr-xr-xwww-ssl/admin/schichtplan_druck.php2
-rwxr-xr-xwww-ssl/admin/shiftadd.php2
-rwxr-xr-xwww-ssl/admin/tshirt.php4
-rwxr-xr-xwww-ssl/admin/user.php10
-rwxr-xr-xwww-ssl/admin/user2.php16
-rwxr-xr-xwww-ssl/admin/userDefaultSetting.php2
15 files changed, 62 insertions, 62 deletions
diff --git a/www-ssl/admin/EngelType.php b/www-ssl/admin/EngelType.php
index 03f89b85..192a0d91 100755
--- a/www-ssl/admin/EngelType.php
+++ b/www-ssl/admin/EngelType.php
@@ -47,7 +47,7 @@ function runSQL_log( $SQL, $commed)
-$Sql = "SELECT * FROM `EngelType` ORDER BY NAME";
+$Sql = "SELECT * FROM `EngelType` ORDER BY `NAME`";
$Erg = mysql_query($Sql, $con);
if( !IsSet($_GET["action"]) )
@@ -177,9 +177,9 @@ case 'changesave':
case 'delete':
if (IsSet($_GET["TID"]))
{
- if( runSQL_log( "DELETE FROM `EngelType` WHERE `TID`='". $_GET["TID"]. "'", "delate EngelType"))
+ if( runSQL_log( "DELETE FROM `EngelType` WHERE `TID`='". $_GET["TID"]. "'", "delete EngelType"))
runSQL_log( "ALTER TABLE `Room` DROP `DEFAULT_EID_". $_GET["TID"]. "`;",
- "delate EngelType in Room Table");
+ "delete EngelType in Room Table");
}
else
echo "Fehlerhafter Aufruf";
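Review bot: `$_GET["TID"]` is still concatenated straight into both the `DELETE` and the `ALTER TABLE ... DROP` statement of this `delete` case; the commit only corrects the log text, and single quotes around a value do not stop a quote inside the value from ending the literal. Unless escaping happens in an include that is not visible here, validate the value first; if TID is always numeric, as the `DEFAULT_EID_` column suffix suggests, `$TID = (int) $_GET["TID"];` used in both statements is enough. The same pattern recurs in the hunks for faq.php (`QID`, `Question`, `Answer`, `FAQID`, `Frage`, `Antwort`), news.php (`date`, `eBetreff`, `eText`, `eTreffen`), schichtplan.php (`SID`, `TID`, `UIDs`), tshirt.php (`aktiv`), user.php (`enterUID`) and user2.php (`enterUID`, `eUID`); free-text fields there need `mysql_real_escape_string($value, $con)` or, better, prepared statements via mysqli or PDO. The enclosing switch starts and ends outside the hunk.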
diff --git a/www-ssl/admin/aktiv.php b/www-ssl/admin/aktiv.php
index 35eab81e..1bf7fbe1 100755
--- a/www-ssl/admin/aktiv.php
+++ b/www-ssl/admin/aktiv.php
@@ -27,7 +27,7 @@ echo "</form>\n";
if( Isset($_POST["ResetActive"]) )
{
- $SQLreset = "UPDATE `User` SET `Aktiv` = '0'";
+ $SQLreset = "UPDATE `User` SET `Aktiv`='0'";
$ErgReset = db_query($SQLreset, "Reset Active");
if ($ErgReset != 1)
echo "Fehler beim zuruecksetzen der Activ\n";
@@ -50,11 +50,11 @@ echo "\t<td>". Get_Text("pub_aktive_Active"). "</td>\n";
echo "</tr>\n";
$SQL = "SELECT ShiftEntry.UID, COUNT(ShiftEntry.UID) AS NR, SUM(Shifts.Len) as LEN ".
- "FROM `ShiftEntry` ".
- "LEFT JOIN `Shifts` ON ShiftEntry.SID=Shifts.SID ".
- "WHERE NOT UID=0 ".
- "GROUP BY UID ".
- "ORDER BY LEN DESC, NR DESC, UID ";
+ "FROM `ShiftEntry` ".
+ "LEFT JOIN `Shifts` ON ShiftEntry.SID=Shifts.SID ".
+ "WHERE NOT UID=0 ".
+ "GROUP BY UID ".
+ "ORDER BY LEN DESC, NR DESC, UID ";
$Erg = mysql_query($SQL, $con);
echo mysql_error($con);
$rowcount = mysql_num_rows($Erg);
@@ -76,7 +76,7 @@ for ($i=0; $i<$rowcount; $i++)
echo "show set";
else
{
- $SQL2="UPDATE `User` SET Aktiv=1 WHERE UID=". mysql_result($Erg, $i, "UID"). " LIMIT 1";
+ $SQL2="UPDATE `User` SET `Aktiv`='1' WHERE `UID`='". mysql_result($Erg, $i, "UID"). "' LIMIT 1";
$Erg2 = db_query($SQL2, "update Active State");
if ($Erg2 != 1)
echo "Fehler beim speichern bei Engel ".UID2Nick(mysql_result($Erg, $i, "UID"));
diff --git a/www-ssl/admin/debug.php b/www-ssl/admin/debug.php
index aaf1bcb4..961a8164 100755
--- a/www-ssl/admin/debug.php
+++ b/www-ssl/admin/debug.php
@@ -32,7 +32,7 @@ echo "Deaktiviert";
echo "<h1>Tshirt-Size</h1>";
-$SQL="SELECT `Size`, COUNT(`Size`) FROM User GROUP BY `Size`";
+$SQL="SELECT `Size`, COUNT(`Size`) FROM `User` GROUP BY `Size`";
$Erg = mysql_query($SQL, $con);
echo mysql_error($con);
$rowcount = mysql_num_rows($Erg);
diff --git a/www-ssl/admin/dect.php b/www-ssl/admin/dect.php
index 49cb72bc..1092542d 100755
--- a/www-ssl/admin/dect.php
+++ b/www-ssl/admin/dect.php
@@ -38,7 +38,7 @@ if( $_GET["dial"]=="dial")
echo "<select name=\"DECT\">\n";
echo "\t<option value=\"\">costum</option>\n";
- $usql="SELECT * FROM User WHERE NOT DECT='' ORDER BY Nick";
+ $usql="SELECT * FROM `User` WHERE NOT `DECT`='' ORDER BY `Nick`";
$uErg = mysql_query($usql, $con);
$urowcount = mysql_num_rows($uErg);
for ($k=0; $k<$urowcount; $k++)
diff --git a/www-ssl/admin/faq.php b/www-ssl/admin/faq.php
index b201c4c0..302b3bc5 100755
--- a/www-ssl/admin/faq.php
+++ b/www-ssl/admin/faq.php
@@ -66,7 +66,7 @@ case "all":
break;
case "open":
- $SQL="SELECT * FROM `Questions` WHERE AID = \"0\" ORDER BY QID DESC";
+ $SQL="SELECT * FROM `Questions` WHERE `AID`='0' ORDER BY `QID` DESC";
$quest_bearb=1; // Fragenliste anzeigen
echo "\t\tOffene Anfragen:<br>\n";
break;
@@ -76,7 +76,7 @@ case "edit":
echo "\t\tFehlerhafter Aufruf...<br>Bitte die Bearbeitung nochmals beginnen :)\n";
else
{
- $SQL = "SELECT * FROM Questions where QID=". $_GET["QID"];
+ $SQL = "SELECT * FROM `Questions` WHERE `QID`=`". $_GET["QID"]. "'";
$Erg = mysql_query($SQL, $con);
echo "\t\t<form action=\"./faq.php\" method=\"GET\">\n";
echo "\t\tAnfrage von <b>". UID2NICK(mysql_result($Erg, 0, "UID")). "</b>:<br>\n";
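Review bot: The rewritten `edit` query opens the QID value with a backtick and closes it with a single quote, so MySQL receives an unbalanced identifier and the statement fails; the `mysql_result($Erg, 0, "UID")` call two lines later then runs on a failed result. Delimit the value with single quotes on both sides, as the `transfer` case in this file does: `WHERE `QID`='". $_GET["QID"]. "'"`. It would also help to check the return value of `mysql_query` before reading from `$Erg`. The `edit` case continues outside the hunk.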
@@ -106,9 +106,9 @@ case "save":
echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten...";
else
{
- $SQL = "UPDATE `Questions` SET Question=\"". $_GET["Question"].
- "\", AID=\"". $_SESSION['UID']. "\" , Answer=\"". $_GET["Answer"]. "\" ".
- "WHERE QID = \"". $_GET["QID"]. "\" LIMIT 1";
+ $SQL = "UPDATE `Questions` SET `Question`='". $_GET["Question"].
+ "', `AID`='". $_SESSION['UID']. "' , `Answer`='". $_GET["Answer"]. "' ".
+ "WHERE `QID`='". $_GET["QID"]. "' LIMIT 1";
$Erg = db_query($SQL, "save Question");
if ($Erg == 1)
{
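Review bot: The `save` case modifies a `Questions` row from `$_GET` parameters, so the write can be triggered by any plain link or embedded request that an admin's browser follows; no anti-forgery check is visible in this hunk, though one may exist in an include that is not shown. State-changing admin actions should read their parameters from `$_POST` and verify a per-session token before the `UPDATE` runs. The same applies to the GET-driven `faqdelete`, `faqsave` and `faqnewsave` cases in this file, the `delete` cases in EngelType.php and schichtplan.php, `change_save` in news.php and the `aktiv` update in tshirt.php. The `save` case continues outside the hunk.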
@@ -125,10 +125,10 @@ case "transfer":
echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten...\n";
else
{
- $SQL1="Select * from Questions where QID=". $_GET["QID"];
+ $SQL1="SELECT * FROM `Questions` WHERE `QID`='". $_GET["QID"]. "'";
$Erg = mysql_query($SQL1, $con);
- $SQL2="INSERT into `FAQ` Values (\"\", \"".
- mysql_result($Erg, 0, "Question")."\", \"".mysql_result($Erg, 0, "Answer")."\")";
+ $SQL2="INSERT INTO `FAQ` Values ('', '".
+ mysql_result($Erg, 0, "Question")."', '".mysql_result($Erg, 0, "Answer")."')";
$Erg = db_query($SQL2, "trasfert to request to the FAQ");
if ($Erg == 1)
echo "\tDer Eintrag wurde &uuml;bertragen.<br>\n";
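Review bot: `mysql_result($Erg, 0, "Question")` and `mysql_result($Erg, 0, "Answer")` are pasted into the `INSERT` unescaped, and with the delimiter now a single quote, any stored question or answer containing an apostrophe ends the literal early. Text read back from the database is no safer than request input; wrap both values, e.g. `mysql_real_escape_string(mysql_result($Erg, 0, "Question"), $con)`. The result of the preceding `SELECT` is also used without checking that a row was returned.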
@@ -170,7 +170,7 @@ case "faqedit":
echo "\tFehlerhafter Aufruf...<br>Bitte die Bearbeitung nochmals beginnen :)\n";
else
{
- $SQL = "SELECT * FROM FAQ where FID=". $_GET["FAQID"];
+ $SQL = "SELECT * FROM `FAQ` WHERE `FID`='". $_GET["FAQID"]. "'";
$Erg = mysql_query($SQL, $con);
// anzahl zeilen
@@ -200,7 +200,7 @@ case "faqdelete";
echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten...\n";
else
{
- $SQL = "DELETE FROM `FAQ` WHERE FID = \"". $_GET["FAQID"]. "\" LIMIT 1";
+ $SQL = "DELETE FROM `FAQ` WHERE `FID`='". $_GET["FAQID"]. "' LIMIT 1";
$Erg = db_query($SQL, "delate faq item");
if ($Erg == 1)
echo "\tDer Eintrag wurde gel&ouml;scht<br>\n";
@@ -214,8 +214,8 @@ case "faqsave";
echo "\tFehlerhafter Aufruf... Bitte die Bearbeitung nochmal starten...\n";
else
{
- $SQL = "UPDATE `FAQ` SET Frage=\"". $_GET["Frage"]. "\", Antwort=\"". $_GET["Antwort"].
- "\" WHERE FID = \"". $_GET["FAQID"]. "\" LIMIT 1";
+ $SQL = "UPDATE `FAQ` SET `Frage`='". $_GET["Frage"]. "', `Antwort`='". $_GET["Antwort"].
+ "' WHERE `FID`='". $_GET["FAQID"]. "' LIMIT 1";
$Erg = db_query($SQL, $con);
if ($Erg == 1)
echo "\tDer Eintrag wurde ge&auml;ndert<br>\n";
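Review bot: `db_query($SQL, $con)` passes the connection handle as the second argument, while the other `db_query` calls in this file pass a short description string such as "save Question" or "delate faq item". If that parameter is the log comment, as those calls suggest, this update is recorded with a resource id instead of a description. Suggest `$Erg = db_query($SQL, "save FAQ entry");`. `db_query` is defined outside this diff, so confirm its signature.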
@@ -238,7 +238,7 @@ case "faqnew":
break;
case "faqnewsave";
- $SQL = "INSERT INTO `FAQ` VALUES (\"\", \"". $_GET["Frage"]. "\", \"". $_GET["Antwort"]. "\")";
+ $SQL = "INSERT INTO `FAQ` VALUES ('', '". $_GET["Frage"]. "', '". $_GET["Antwort"]. "')";
$Erg = db_query($SQL, "Save new FAQ entry");
if ($Erg == 1)
echo "\tDer Eintrag wurde erfasst.<br>\n";
diff --git a/www-ssl/admin/free.php b/www-ssl/admin/free.php
index aadde44a..604660a1 100755
--- a/www-ssl/admin/free.php
+++ b/www-ssl/admin/free.php
@@ -35,7 +35,7 @@ $SQL = "SELECT Shifts.*, ShiftEntry.*, User.Nick ".
"WHERE (Shifts.DateS<=Now() AND Shifts.DateE>=Now() );";
*/
$SQL = "SELECT Shifts.*, ShiftEntry.* ".
- "FROM Shifts INNER JOIN ShiftEntry ON Shifts.SID = ShiftEntry.SID ".
+ "FROM `Shifts` INNER JOIN ShiftEntry ON Shifts.SID = ShiftEntry.SID ".
"WHERE (Shifts.DateS<=Now() AND Shifts.DateE>=Now() );";
//SELECT User.Nick, Schichtplan.*, Schichtbelegung. * FROM User LEFT JOIN Schichtbelegung ON User.UID=Schichtbelegung.UID, Schichtplan LEFT JOIN Schichtbelegung ON Schichtplan.SID = Schichtbelegung.SID WHERE Schichtplan.Date < now() and Schichtplan.EndDate > now() ORDER BY Nick
diff --git a/www-ssl/admin/news.php b/www-ssl/admin/news.php
index 137695b3..83e64a4a 100755
--- a/www-ssl/admin/news.php
+++ b/www-ssl/admin/news.php
@@ -9,7 +9,7 @@ include ("./inc/funktion_user.php");
if (!IsSet($_GET["action"]))
{
- $SQL = "SELECT * from News order by Datum DESC";
+ $SQL = "SELECT * FROM `News` ORDER BY `Datum` DESC";
$Erg = mysql_query($SQL, $con);
$rowcount = mysql_num_rows($Erg);
@@ -52,7 +52,7 @@ else
case 'change':
if (isset($_GET["date"]))
{
- $SQL = "SELECT * from News where (Datum='". $_GET["date"]. "')";
+ $SQL = "SELECT * FROM `News` WHERE (`Datum`='". $_GET["date"]. "')";
$Erg = mysql_query($SQL, $con);
if( mysql_num_rows( $Erg)==1)
@@ -91,15 +91,15 @@ else
case 'change_save':
if( isset($_GET["date"]) && isset($_GET["eBetreff"]) && isset($_GET["eText"]) )
- $chsql="UPDATE News set Betreff = \"". $_GET["eBetreff"]. "\", Text = \"". $_GET["eText"].
- "\", Treffen=". $_GET["eTreffen"]. " where (Datum = '". $_GET["date"]. "') limit 1";
+ $chsql="UPDATE `News` SET `Betreff`='". $_GET["eBetreff"]. "', `Text`='". $_GET["eText"].
+ "', `Treffen`='". $_GET["eTreffen"]. "' WHERE (`Datum`='". $_GET["date"]. "') limit 1";
else
echo "Fehler: nicht genügend parameter übergeben";
break;
case 'delete':
if (isset($_POST["date"]))
- $chsql="DELETE from News where Datum = '". $_POST["date"]. "' limit 1";
+ $chsql="DELETE FROM 'News' WHERE `Datum`='". $_POST["date"]. "' LIMIT 1";
else
echo "Fehler: \"date\" nicht übergeben";
break;
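Review bot: The new `delete` statement quotes the table name with single quotes (`DELETE FROM 'News'`), which MySQL parses as a string literal rather than an identifier, so deleting a news entry now fails with a syntax error. Use backticks as in the other statements of this hunk: `DELETE FROM `News` WHERE ...`. The `change_save` branch also reads `$_GET["eTreffen"]` without the `isset` check applied to the other three parameters. The switch continues outside the hunk.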
diff --git a/www-ssl/admin/room.php b/www-ssl/admin/room.php
index a1502f96..b35b3916 100755
--- a/www-ssl/admin/room.php
+++ b/www-ssl/admin/room.php
@@ -5,7 +5,7 @@ include ("./inc/header.php");
include ("./inc/funktion_user.php");
include ("./inc/funktion_schichtplan_aray.php");
-$Sql = "SELECT * FROM `Room` ORDER BY Number, Name";
+$Sql = "SELECT * FROM `Room` ORDER BY `Number`, `Name`";
$Erg = mysql_query($Sql, $con);
if( !IsSet($_GET["action"]) )
diff --git a/www-ssl/admin/schichtplan.php b/www-ssl/admin/schichtplan.php
index 9c904bb2..12c767c2 100755
--- a/www-ssl/admin/schichtplan.php
+++ b/www-ssl/admin/schichtplan.php
@@ -50,7 +50,7 @@ for( $i = 0; $i < $rowcount; $i++)
"value=\"". mysql_result($Erg, $i, "SID"). "\"></td>\n";
echo "\t\t<td>".mysql_result($Erg, $i, "DateS")."</td>\n";
- $sql2= "SELECT `Name` FROM `Room` WHERE `RID`=\"".mysql_result($Erg, $i, "RID")."\"";
+ $sql2= "SELECT `Name` FROM `Room` WHERE `RID`='".mysql_result($Erg, $i, "RID")."'";
$Erg2 = mysql_query($sql2, $con);
if( mysql_num_rows($Erg2) > 0)
echo "\t\t<td>".mysql_result($Erg2, 0, "Name")."</td>\n";
@@ -83,7 +83,7 @@ case 'change':
else
{
- $sql = "SELECT * FROM `Shifts` WHERE (`SID` = \"". $_GET["SID"]. "\" )";
+ $sql = "SELECT * FROM `Shifts` WHERE (`SID` = '". $_GET["SID"]. "' )";
$Erg = mysql_query($sql, $con);
echo "Schicht ab&auml;ndern: <br>\n";
@@ -138,7 +138,7 @@ case 'change':
echo "<br><hr>\n\n\n\n";
//Freie Engelschichten
- $sql3 = "SELECT TID FROM `ShiftEntry` WHERE SID=". $_GET["SID"]. " AND UID=0";
+ $sql3 = "SELECT `TID` FROM `ShiftEntry` WHERE `SID`='". $_GET["SID"]. "' AND `UID`='0'";
$Erg3 = mysql_query($sql3, $con);
$rowcount = mysql_num_rows($Erg3);
@@ -153,7 +153,7 @@ case 'change':
echo "<br><hr>\n\n\n\n";
//Ausgabe eingetragener schischten
- $sql3 = "SELECT * FROM `ShiftEntry` WHERE SID=". $_GET["SID"]. " AND NOT UID=0";
+ $sql3 = "SELECT * FROM `ShiftEntry` WHERE `SID`='". $_GET["SID"]. "' AND NOT `UID`='0'";
$Erg3 = mysql_query($sql3, $con);
$rowcount = mysql_num_rows($Erg3);
@@ -180,7 +180,7 @@ case 'change':
echo "<select name=\"UIDs\">\n";
echo "\t<option value=\"0\">--neu--</option>\n";
- $usql="select * from User order by Nick";
+ $usql="SELECT * FROM `User` ORDER BY `Nick`";
$uErg = mysql_query($usql, $con);
$urowcount = mysql_num_rows($uErg);
for ($k=0; $k<$urowcount; $k++)
@@ -240,15 +240,15 @@ case 'engeladd':
if( mysql_num_rows($ERG) != 0 )
{
$chSQL = "UPDATE `ShiftEntry` SET ".
- "`UID`='". $_GET["UIDs"]. "', `Comment`='shift added by ".$_SESSION['Nick']."' ";
- $chSQL .= "WHERE (`SID`='". $_GET["SID"]. "' AND ".
+ "`UID`='". $_GET["UIDs"]. "', `Comment`='shift added by ".$_SESSION['Nick']."' ".
+ "WHERE (`SID`='". $_GET["SID"]. "' AND ".
"`TID`='". $_GET["TID"]. "' AND `UID`='0' ) LIMIT 1";
}
else
{
- $chSQL = "INSERT INTO `ShiftEntry` (`SID`, `TID`, `UID`, `Comment`) VALUES (";
- $chSQL .= "'". $_GET["SID"]. "', '". $_GET["TID"]. "', ".
- "'". $_GET["UIDs"]. "', 'shift added by ".$_SESSION['Nick']."')";
+ $chSQL = "INSERT INTO `ShiftEntry` (`SID`, `TID`, `UID`, `Comment`) VALUES (".
+ "'". $_GET["SID"]. "', '". $_GET["TID"]. "', ".
+ "'". $_GET["UIDs"]. "', 'shift added by ".$_SESSION['Nick']."')";
}
echo "Es wird folgende Schicht zus&auml;tzlich eingetragen:<br>\n";
echo "Engel: ".UID2Nick($_GET["UIDs"])."<br>\n";
@@ -305,8 +305,8 @@ case 'changesave':
break;
case 'delete':
- $chSQL = "DELETE FROM `Shifts` WHERE `SID`=". $_GET["SID"]. " LIMIT 1";
- $ch2SQL = "DELETE FROM `ShiftEntry` WHERE `SID`=". $_GET["SID"];
+ $chSQL = "DELETE FROM `Shifts` WHERE `SID`='". $_GET["SID"]. "' LIMIT 1";
+ $ch2SQL = "DELETE FROM `ShiftEntry` WHERE `SID`='". $_GET["SID"]. "'";
SetHeaderGo2Back();
break;
diff --git a/www-ssl/admin/schichtplan_druck.php b/www-ssl/admin/schichtplan_druck.php
index 55dc2041..bef2dc06 100755
--- a/www-ssl/admin/schichtplan_druck.php
+++ b/www-ssl/admin/schichtplan_druck.php
@@ -50,7 +50,7 @@ for ($i = 0 ; $i < mysql_fetch_row($Erg) ; $i++)
<select name="Raum">
<?php
- $res = mysql_query("SELECT Name, RID FROM `Room` WHERE `show`!='N' ORDER BY Name;",$con);
+ $res = mysql_query("SELECT Name, RID FROM `Room` WHERE `show`!='N' ORDER BY `Name`;",$con);
for ($i = 0; $i < mysql_num_rows($res); $i++)
{
diff --git a/www-ssl/admin/shiftadd.php b/www-ssl/admin/shiftadd.php
index e873f5e0..15e54735 100755
--- a/www-ssl/admin/shiftadd.php
+++ b/www-ssl/admin/shiftadd.php
@@ -273,7 +273,7 @@ function CreateNewEntry()
// Ist eintarg schon vorhanden?
- $SQL = "SELECT SID FROM `Shifts` ";
+ $SQL = "SELECT `SID` FROM `Shifts` ";
$SQL .= "WHERE (".
"`DateS` = '". $_DateS. "' AND ".
"`DateE` = '". $_DateE. "' AND ".
diff --git a/www-ssl/admin/tshirt.php b/www-ssl/admin/tshirt.php
index 2e843e92..87dc1c73 100755
--- a/www-ssl/admin/tshirt.php
+++ b/www-ssl/admin/tshirt.php
@@ -9,7 +9,7 @@ include ("./inc/funktion_user.php");
If (IsSet($_GET["aktiv"])) {
- $SQL="Update User set Tshirt=\"1\" where UID=\"". $_GET["aktiv"]. "\" limit 1";
+ $SQL="UPDATE `User` SET `Tshirt`='1' WHERE `UID`='". $_GET["aktiv"]. "' limit 1";
$Erg = mysql_query($SQL, $con);
if ($Erg == 1) {
} else {
@@ -25,7 +25,7 @@ Hinter diesem erscheint ein Link, &uuml;ber den man eintragen kann, dass der Eng
Liste aller aktiven Engel:
<?PHP
-$SQL = "SELECT * from User where (Aktiv = 1) ORDER BY Nick ASC";
+$SQL = "SELECT * FROM `User` WHERE (`Aktiv`='1') ORDER BY `Nick` ASC";
$Erg = mysql_query($SQL, $con);
$rowcount = mysql_num_rows($Erg);
diff --git a/www-ssl/admin/user.php b/www-ssl/admin/user.php
index 98495b99..52482992 100755
--- a/www-ssl/admin/user.php
+++ b/www-ssl/admin/user.php
@@ -15,7 +15,7 @@ if (!IsSet($_GET["enterUID"]))
echo "\n<a href=\"./user.php?enterUID=-1&Type=Secure\">Edit logout User</a><br><br>\n";
if( !isset($_GET["OrderBy"]) ) $_GET["OrderBy"] = "Nick";
- $SQL = "SELECT * FROM User ORDER BY `". $_GET["OrderBy"]. "` ASC";
+ $SQL = "SELECT * FROM `User` ORDER BY `". $_GET["OrderBy"]. "` ASC";
$Erg = mysql_query($SQL, $con);
echo mysql_error($con);
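Review bot: `$_GET["OrderBy"]` is placed between backticks as a column name, and a backtick inside the value closes the identifier, so neither quoting nor string escaping protects this `ORDER BY`. Identifiers have to be checked against a fixed list of sortable columns, e.g. `if (!in_array($_GET["OrderBy"], $sortable, true)) $_GET["OrderBy"] = "Nick";`, where `$sortable` is a placeholder name for an array of the column names the table header links to. The `SetForAllUser` hunk in userDefaultSetting.php has the same problem with `$_GET["Field"]` used as the column in `UPDATE `UserCVS` SET`; there the allow-list would be the columns of `UserCVS`.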
@@ -96,12 +96,12 @@ if (!IsSet($_GET["enterUID"]))
echo "\t<td>";
//check userCVS=OK
- $SQL2 = "SELECT UID FROM UserCVS WHERE (UID=". mysql_result($Erg, $n, "UID"). ")";
+ $SQL2 = "SELECT `UID` FROM `UserCVS` WHERE (`UID`='". mysql_result($Erg, $n, "UID"). "')";
$Erg2 = mysql_query($SQL2, $con);
echo mysql_error($con);
if( mysql_num_rows($Erg2)==0)
{
- $SQL3 = "INSERT INTO `UserCVS` ( `UID`) VALUES ( '". mysql_result($Erg, $n, "UID"). "');";
+ $SQL3 = "INSERT INTO `UserCVS` (`UID`) VALUES ('". mysql_result($Erg, $n, "UID"). "');";
$Erg3 = db_query($SQL3, "admin/user.php auto CVS create");
if( $Erg3 )
echo "was create<br>\n";
@@ -135,7 +135,7 @@ else
if( $_GET["Type"] == "Normal" )
{
- $SQL = "SELECT * FROM User WHERE UID=". $_GET["enterUID"];
+ $SQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["enterUID"]. "'";
$Erg = mysql_query($SQL, $con);
if (mysql_num_rows($Erg) != 1)
@@ -243,7 +243,7 @@ else
// CVS-Rechte
echo " <tr><td><br><u>Rights of \"". UID2Nick($_GET["enterUID"]). "\":</u></td></tr>\n";
- $SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=". $_GET["enterUID"];
+ $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_GET["enterUID"]. "'";
$Erg_CVS = mysql_query($SQL_CVS, $con);
if( mysql_num_rows($Erg_CVS) != 1)
diff --git a/www-ssl/admin/user2.php b/www-ssl/admin/user2.php
index e1792d4e..ce349f40 100755
--- a/www-ssl/admin/user2.php
+++ b/www-ssl/admin/user2.php
@@ -48,7 +48,7 @@ if (IsSet($_GET["action"]))
elseif ($_POST["Type"] == "Secure")
{
$SQL2 = "UPDATE `UserCVS` SET ";
- $SQL_CVS = "SELECT * FROM `UserCVS` WHERE UID=". $_POST["enterUID"];
+ $SQL_CVS = "SELECT * FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "'";
$Erg_CVS = mysql_query($SQL_CVS, $con);
$CVS_Data = mysql_fetch_array($Erg_CVS);
$CVS_Data_i = 1;
@@ -59,7 +59,7 @@ if (IsSet($_GET["action"]))
$CVS_Data_i++;
}
$SQL2 = substr( $SQL2, 0, strlen($SQL2)-2 );
- $SQL2.= " WHERE `UID` = '". $_POST["enterUID"]. "' LIMIT 1;";
+ $SQL2.= " WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
echo "<br>Secure-";
$Erg = db_query($SQL2, "change user CVS");
if ($Erg == 1) {
@@ -79,7 +79,7 @@ if (IsSet($_GET["action"]))
if (IsSet($_POST["enterUID"]))
{
echo "delate User...";
- $SQL="DELETE FROM `User` WHERE `UID` = '". $_POST["enterUID"]. "' LIMIT 1;";
+ $SQL="DELETE FROM `User` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
$Erg = db_query($SQL, "User delete");
if ($Erg == 1) {
echo "&Auml;nderung wurde gesichert...\n";
@@ -88,7 +88,7 @@ if (IsSet($_GET["action"]))
}
echo "<br>\ndelate UserCVS...";
- $SQL2="DELETE FROM `UserCVS` WHERE `UID` = '". $_POST["enterUID"]. "' LIMIT 1;";
+ $SQL2="DELETE FROM `UserCVS` WHERE `UID`='". $_POST["enterUID"]. "' LIMIT 1;";
$Erg = db_query($SQL2, "User CVS delete");
if ($Erg == 1) {
echo "&Auml;nderung wurde gesichert...\n";
@@ -97,8 +97,8 @@ if (IsSet($_GET["action"]))
}
echo "<br>\ndelate UserEntry...";
- $SQL3="UPDATE `ShiftEntry` SET `UID` = '0', `Comment` = NULL ".
- "WHERE `UID` = '". $_POST["enterUID"]. "';";
+ $SQL3="UPDATE `ShiftEntry` SET `UID`='0', `Comment`=NULL ".
+ "WHERE `UID`='". $_POST["enterUID"]. "';";
$Erg = db_query($SQL3, "delate UserEntry");
if ($Erg == 1) {
echo "&Auml;nderung wurde gesichert...\n";
@@ -112,7 +112,7 @@ if (IsSet($_GET["action"]))
case "newpw":
echo "Bitte neues Kennwort f&uuml;r <b>";
// Get Nick
- $USQL = "SELECT * FROM User WHERE UID=". $_GET["eUID"];
+ $USQL = "SELECT * FROM `User` WHERE `UID`='". $_GET["eUID"]. "'";
$Erg = mysql_query($USQL, $con);
echo mysql_result($Erg, 0, "Nick");
echo "</b> eingeben:<br>";
@@ -129,7 +129,7 @@ if (IsSet($_GET["action"]))
{ // beide Passwoerter passen...
$_POST["ePasswort"] = PassCrypt($_POST["ePasswort"]);
$SQL = "UPDATE `User` SET `Passwort`='". $_POST["ePasswort"]. "' ".
- "WHERE `UID` = '". $_POST["eUID"]. "'";
+ "WHERE `UID`='". $_POST["eUID"]. "'";
$Erg = db_query($SQL, "User new passwort");
if ($Erg == 1) {
echo "&Auml;nderung wurde gesichert...\n";
diff --git a/www-ssl/admin/userDefaultSetting.php b/www-ssl/admin/userDefaultSetting.php
index 5ab7e653..51debdb1 100755
--- a/www-ssl/admin/userDefaultSetting.php
+++ b/www-ssl/admin/userDefaultSetting.php
@@ -46,7 +46,7 @@ if( isset( $_GET["Field"]) && isset( $_GET["Default"]) && isset( $_GET["Send"]))
"[". mysql_error(). "]<br><br>";
break;
case "SetForAllUser":
- $SQL = "UPDATE `UserCVS` SET `". $_GET["Field"]. "` = '". $_GET["Default"]. "'";
+ $SQL = "UPDATE `UserCVS` SET `". $_GET["Field"]. "`='". $_GET["Default"]. "'";
$Erg = mysql_query( $SQL, $con);
if( $Erg == 1)
echo "<H2>UPDATE ".$_GET["Field"]. " = ". $_GET["Default"]. " for all Users succesfull</h2>\n";
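Review bot: The success message echoes `$_GET["Field"]` and `$_GET["Default"]` into the page without HTML escaping, so markup in a parameter is rendered in the admin's browser; `Default` in particular can hold arbitrary text while the query still succeeds. Suggest `htmlspecialchars($_GET["Field"], ENT_QUOTES)` and the same for `Default` in that `echo`. The `UPDATE` above it has no `WHERE` clause, so it writes to every row of `UserCVS`, which makes validating both parameters before the query more important. The switch continues outside the hunk.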